[PATCH 0/1] CVE-2018-14678 - uninitialized memory usage
Aaron Ma
aaron.ma at canonical.com
Mon Feb 18 15:08:45 UTC 2019
https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-14678.html
An issue was discovered in the Linux kernel through 4.17.11, as used in
Xen
through 4.11.x. The xen_failsafe_callback entry point in
arch/x86/entry/entry_64.S does not properly maintain RBX, which allows
local users to cause a denial of service (uninitialized memory usage and
system crash). Within Xen, 64-bit x86 PV Linux guest OS users can
trigger a
guest OS crash or possibly gain privileges.
This is a clean cherry pick to Bionic.
Build logs are clean.
I've smoke tested this change by booting a Bionic kernel
with this commit applied.
Andy Lutomirski (1):
x86/entry/64: Remove %ebx handling from error_entry/exit
arch/x86/entry/entry_64.S | 18 ++++--------------
1 file changed, 4 insertions(+), 14 deletions(-)
--
2.17.1
More information about the kernel-team
mailing list